> On Nov 3, 2020, at 2:57 AM, Zack Elan <[email protected]> wrote:
>
> Short version: if I set WG_ENDPOINT_RESOLUTION_RETRIES=infinity, I would like
> wg(8) to actually retry infinitely, rather than exiting the first time it
> gets what it assumes to be a permanent failure.
>
> Long version:
>
> When WG_ENDPOINT_RESOLUTION_RETRIES is set, wg will retry endpoint resolution
> failures...but it special-cases 2 or 3 error response codes [0] - EAI_NONAME,
> EAI_FAIL and (if defined) EAI_NODATA because it considers them "permanent"
> failures that are not worth retrying.
>
> I have several WireGuard tunnels that are set to start at boot on a NixOS box
> I host. NixOS sets this variable to infinite for me [1]. Despite this, when I
> reboot that host, I consistently have the tunnels fail on startup. They're
> failing with an error that wg(8) considers permanent:

Hi Zack,

Our project reversed the logic to make a DNS failure a non-fatal 'wg'
error. [2]

This trivial patch has worked well for our usage.

Lonnie

[2] https://raw.githubusercontent.com/astlinux-project/astlinux/master/package/wireguard-tools/wireguard-tools-0001-ignore-endpoint-dns-failure.patch
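
The retry policy discussed in this thread, as an added C example that is neither the wg(8) source nor the AstLinux patch: it runs one constructed sequence of resolver results under both policies, the one where the "permanent" codes end the loop and the one where an infinite retry setting retries every failure. `resolve_retry`, `boot_demo`, `RETRIES_INFINITE` and the scripted resolver hook are hypothetical names, and the error sequence is constructed.

```c
#include <netdb.h>
#include <stdbool.h>
#include <stdio.h>
#define RETRIES_INFINITE (-1) /* assumed encoding of "infinity" */

/* The codes the quoted message says wg(8) treats as permanent. */
static bool is_permanent(int err) {
#ifdef EAI_NODATA
	if (err == EAI_NODATA) return true;
#endif
	return err == EAI_NONAME || err == EAI_FAIL;
}
/* Hypothetical resolver hook: one attempt, returns 0 or an EAI_* code. */
typedef int (*resolve_fn)(void *ctx);
struct outcome { int err; unsigned attempts; };

/* permanent_is_fatal: true = policy the message describes, false = retry all. */
static struct outcome resolve_retry(resolve_fn fn, void *ctx, int retries,
                                    bool permanent_is_fatal) {
	struct outcome o = { 0, 0 };
	for (;;) {
		o.err = fn(ctx);
		o.attempts++;
		if (o.err == 0 || (permanent_is_fatal && is_permanent(o.err)))
			return o;
		if (retries != RETRIES_INFINITE && retries-- == 0)
			return o; /* retry budget spent */
		/* a real caller would sleep here with a capped backoff */
	}
}

/* Constructed resolver results: two kinds of failure, then success. */
struct script { const int *codes; size_t len, pos; };
static int scripted(void *ctx) {
	struct script *s = ctx;
	return s->pos < s->len ? s->codes[s->pos++] : 0;
}

struct outcome boot_demo(int retries, bool permanent_is_fatal) {
	static const int boot[] = { EAI_AGAIN, EAI_NONAME, EAI_NONAME };
	struct script s = { boot, sizeof boot / sizeof boot[0], 0 };
	return resolve_retry(scripted, &s, retries, permanent_is_fatal);
}

int main(void) {
	struct outcome a = boot_demo(RETRIES_INFINITE, true);
	struct outcome b = boot_demo(RETRIES_INFINITE, false);
	printf("fatal-permanent: %u tries, err=%d\n", a.attempts, a.err);
	printf("retry-all: %u tries, err=%d\n", b.attempts, b.err);
	return 0;
}
```

With the permanent codes treated as fatal, the loop stops at the second attempt even though the retry count is infinite; with them retried, the same sequence reaches a successful resolution on the fourth attempt.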